Featuring 9 Papers as of January 26, 2015
An Abbreviated History of Automation & Industrial Controls System and Cybersecurity
by Ernie Hayden - January 23, 2015
Automation and industrial controls systems - often referred to as ICS - have an interesting and fairly long history.
Systems Engineering: Required for Cost-Effective Development of Secure Products
by Dan Lyon - October 8, 2012
Security of data and systems is critical to consider during development of a complex system, and by taking a systems approach, secure design can be achieved in a cost effective manner.
A Practical Application of Background Investigations for Small Company Security Perimeters
by Tim Cook - August 30, 2007
According to the 2003 CSI/FBI Computer Crime and Security Survey, the two most cited forms of computer attack or abuse were virus incidents (82 percent) and insider abuse of network access (80 percent) and according to the 2005 CSI/FBI Computer Crime and Security Survey despite some variation from year to year, inside jobs occur about as often as outside jobs. This data is confirmed and supplemented by the 2006 CSI/FBI Computer Crime and Security Survey where it is reported that 62% of respondents believe that they have suffered losses due to insider threats and 7 percent of respondents thought that insiders account for more than 80 percent of their organizations cyber losses.
Fiber Optics and its Security Vulnerabilities
by Kimberlie Witcher - October 5, 2005
Researching fiber optic security vulnerabilities suggests that not everyone who is responsible for their networks security is aware of the different methods that intruders use to hack virtually undetected into fiber optic cables.
Implementing Robust Physical Security
by Bob Pagoria - August 15, 2004
As the world of computer technology continues to grow, becomes increasingly competitive and vulnerable to malicious attacks, every business must more seriously consider IT (Information Technology) security as a high priority.
Using Passive Environmental Cues to Enhance Physical Security
by David Pollack - July 25, 2004
Most computer users are not aware of the fact that malevolent individuals use a variety of methods to gain access to systems including social engineering and outright theft. All too often do people rely on electronic security devices to provide all of their information security needs.
Physical Security: A Biometric Approach
by Ryan Hay - March 2, 2004
This paper will analyze various biometric techniques and products, provide advantages and disadvantages of these techniques, and conclude with a discussion on biometrics of the future.
by Justin Bois - April 4, 2002
This paper is intended to demonstrate the design of a building with physical security in mind and how to apply the same theories to existing buildings.
Building the Ideal Web Hosting Facility: A Physical Security Perspective
by Seth Friedman - December 10, 2001
The purpose of this paper is to provide a comprehensive look at Physical Security by means of building an ideal web hosting facility. By viewing this design and construction process from a Physical Security perspective, we will identify and describe the measures needed to make our facility fully secure; and create a comprehensive Physical Security Primer that can be used in many types of facilities and circumstances.
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact firstname.lastname@example.org.
All papers are copyrighted. No re-posting or distribution of papers is permitted.